Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Request to be added to ROS wiki whitelist #139

Closed
130s opened this Issue Jan 11, 2016 · 2,500 comments

Comments

Projects
None yet
@130s
Copy link
Contributor

130s commented Jan 11, 2016

Update: 2018-10-17

This issue has maxed out the number of comment that can be added to a github issue. We have created a new issue #258 where you can request to be added for access to the wiki.


If you would like access to edit the wiki please comment below with your ROS wiki username.

After you have been added you may want to unsubscribe from this ticket as there will be many updates. Use the button on the right sidebar to unsubscribe from future notifications.


UPDATE 6/7/2016; Title of the ticket originally was ROS wiki is experiencing vast amount of spams, for the record. I'm glad that this ticket serves the purpose in many ways.

http://wiki.ros.org/RecentChanges

There's easily more than 100 editions and is beyond manually revert-able.

@130s

This comment has been minimized.

Copy link
Contributor Author

130s commented Jan 11, 2016

As @tfoote mentioned before, we can only manually revert/delete 1-by-1? Ok I'll start working on some..

@130s

This comment has been minimized.

Copy link
Contributor Author

130s commented Jan 11, 2016

Spammers are viciously changing titles of pages, that may not be captured by looking at revision history?
E.g. Now http://wiki.ros.org/ROS/Tutorials is gone. And instead this page is there.

@130s

This comment has been minimized.

Copy link
Contributor Author

130s commented Jan 11, 2016

Spammers are viciously changing titles of pages, that may not be captured by looking at revision history?
E.g. Now http://wiki.ros.org/ROS/Tutorials is gone. And instead this page is there.

I'm failing to revert the page name.
roswiki_revert_fails

@130s

This comment has been minimized.

Copy link
Contributor Author

130s commented Jan 11, 2016

@gavanderhoorn

This comment has been minimized.

Copy link
Contributor

gavanderhoorn commented Jan 11, 2016

Ouch. I see multiple pages per second.

@tfoote: is there some admin interface for deleting all contributions from certain users on the wiki?

@dlaz

This comment has been minimized.

Copy link

dlaz commented Jan 11, 2016

It might make sense if an admin could make the wiki read-only for a little bit. There are pages that have been reverted and then re-spammed.

@dirk-thomas

This comment has been minimized.

Copy link
Member

dirk-thomas commented Jan 11, 2016

I just changed the captcha to a random string. All non-whitelisted users have to enter that string (which is unknown to anyone). Hopefully that will stop further edits. I changed it before but a human can always get the answer right which was what happened.

If you want to help cleaning up the spam but your username is not on the list please post it here and I am happy to add it.

@130s

This comment has been minimized.

Copy link
Contributor Author

130s commented Jan 11, 2016

Some newly created pages on recently-changed page seem not exist, but they still linger on the list.
E.g. this page. This makes harder to spot the pages that need to be deleted.

@dirk-thomas

This comment has been minimized.

Copy link
Member

dirk-thomas commented Jan 11, 2016

I just wrote a script which moves pages with the substring "quickbooks" to a different location in the FS.

@130s

This comment has been minimized.

Copy link
Contributor Author

130s commented Jan 11, 2016

@dirk-thomas that seems working great.

Now ROS/Tutorials page is renamed as I mentioned #139 (comment) (and now I don't see pulldown menu so I can't try renaming it back).

@dirk-thomas

This comment has been minimized.

Copy link
Member

dirk-thomas commented Jan 11, 2016

I have to grep through the moved pages and find the few which had content before.

@dirk-thomas

This comment has been minimized.

Copy link
Member

dirk-thomas commented Jan 11, 2016

http://wiki.ros.org/ROS/Tutorials seems to be the only renamed page. I restored it. As far as I can see it should be clean again now. If you still see any spam content please comment here and feel free to clean it up.

Thanks for all your help!

We still have to set a viable captcha again... @tfoote Any idea?

@dirk-thomas

This comment has been minimized.

Copy link
Member

dirk-thomas commented Jan 11, 2016

Just for the record: I ran this script to move spam pages to a different location:


import os
import re

for name in os.listdir('.'):
    if not re.search('quickbook', name, re.IGNORECASE):
        continue
    print(name)
    os.rename(name, '../pages_deleted/' + name)

And then searched through these to find pages with real content:

import os
import re

for name in os.listdir('.'):
    if not os.path.exists(name + '/revisions/00000002'):
        continue
    with open(name + '/revisions/00000001', 'r') as h:
        content = h.read()
    if re.search('quickbook', content, re.IGNORECASE):
        continue
    print(name)
@awesomebytes

This comment has been minimized.

Copy link

awesomebytes commented Jan 11, 2016

Good to see it's fixed!

Also just for the record I made a selenium script that giving it a list of links or articles (well, writting them inside of the script, sorry) to delete it will access the delete page and click on delete (adding a comment "spam").

https://gist.github.com/awesomebytes/7dcc241eecc322bb7dcd

Maybe it can inspire some other tool in the future.

@tfoote

This comment has been minimized.

Copy link
Member

tfoote commented Jan 11, 2016

It seems like we're up against a real person since they were able to break 3 updated textchas in a row quickly.

We probably need to switch to use an external authentication source. The wiki does not have good user controls that can function at our scale.

@moriarty

This comment has been minimized.

Copy link

moriarty commented Jan 12, 2016

Hi @tfoote, my username on the wiki.ros.org is the same as my github username.
Thanks for responding so quickly.

@tfoote

This comment has been minimized.

Copy link
Member

tfoote commented Jan 12, 2016

@moriarty you should be able to edit now.

@allenh1

This comment has been minimized.

Copy link

allenh1 commented Jan 12, 2016

Looks like I'm a little late to the party, but let me know if there's anything I can do.

@allenh1

This comment has been minimized.

Copy link

allenh1 commented Jan 12, 2016

My user is HunterAllen

@moriarty

This comment has been minimized.

Copy link

moriarty commented Jan 12, 2016

A quick Google search shows that a large number of other wikis are experiencing the same troubles.

Within the past few minutes the same type of pages are showing up on the @jenkinsci wiki https://wiki.jenkins-ci.org/pages/listpages-dirview.action?key=JENKINS . They're coming from a username which was spamming GitHub issues a few months ago and has since been shut down.

Is there any more data/information to take a more direct, grey hat approach?

@moriarty

This comment has been minimized.

Copy link

moriarty commented Jan 12, 2016

@tfoote, I just tried again to update the page, I didn't realise think that MoinMoin would be CaseSensitive. My username is actually Moriarty - sorry.

As for your comment on the external auth source, I'm not familiar with MoinMoin but I took a look into the options available for it. In the mean time it may be worth adding "quickbook" to the BadContent page, and perhaps "1800". https://moinmo.in/HelpOnSpam#BadContent_.2F_LocalBadContent

@allenh1

This comment has been minimized.

Copy link

allenh1 commented Jan 12, 2016

Could we just spam filter anything containing "Quickbook pro tech support phone number"? Looking at the Jenkins wiki link above and the posts in our wiki, that seems to be the intersection between all the posts, since the phone numbers and names are inconsistent.

@tfoote

This comment has been minimized.

Copy link
Member

tfoote commented Jan 13, 2016

@allenh1 I've added you. If you can propose some additions to the BadContent regexs that would match we could add them to the site. Though reviewing the titles they're really good at misspelling things or adding extra punctuation such as "s.u.p.p.o.r.t" And I do see some non-quickbooks things too.

The current regex is at http://wiki.ros.org/BadContent

@gavanderhoorn

This comment has been minimized.

Copy link
Contributor

gavanderhoorn commented Jan 13, 2016

Could I be added as well? wiki username: GvdHoorn. Thanks.

@tfoote

This comment has been minimized.

Copy link
Member

tfoote commented Jan 13, 2016

@akifh

This comment has been minimized.

Copy link

akifh commented Jan 13, 2016

Is there anything that I can do? My username is AkifHacinecipoglu

@croesmann

This comment has been minimized.

Copy link

croesmann commented Jan 13, 2016

After trying to submit all changes to my package wiki entry, I recognized the whitelist thing ;-)
Could you please add me to the list? Username: ChristophRoesmann
Thank you very much!

@allenh1

This comment has been minimized.

Copy link

allenh1 commented Jan 13, 2016

@tfoote What about a [.,_]? ? That would check for commas, underscores and periods. We put that between all letters of the word. That would at least lessen the amount of spam... Also, I should note that this was a suggestion from @BPHays

@tfoote

This comment has been minimized.

Copy link
Member

tfoote commented Jan 13, 2016

@akifh @croesmann added

@allenh1 yes, the trick is to write the regex to not have too many false positives or negatives. If you can propose some full regexs we can review them.

@tfoote

This comment has been minimized.

Copy link
Member

tfoote commented Jan 14, 2016

Thanks for help cleaning up the spam. We have turned on recaptcha for the site. It should be back and operational now.

The diff is here: https://gist.github.com/tfoote/675b98df53369e199dea based on https://codereview.appspot.com/70400043 It is using https://pypi.python.org/pypi/recaptcha-client/1.0.6

If you see any issues please comment back here.

@nburek

This comment has been minimized.

Copy link

nburek commented Sep 26, 2018

username: NickBurek

I'd like to be able to add new documentation for new packages.

@ipa-pfs

This comment has been minimized.

Copy link

ipa-pfs commented Sep 27, 2018

Please add me
username: Philipp Schnattinger

Thanks

@yyyasu

This comment has been minimized.

Copy link

yyyasu commented Sep 28, 2018

Please add me
username: Yasuhiro Mano

Thanks

@mumiii

This comment has been minimized.

Copy link

mumiii commented Sep 29, 2018

hii

@mumiii

This comment has been minimized.

Copy link

mumiii commented Sep 29, 2018

mohamed ashraf

@jamiedbennett

This comment has been minimized.

Copy link

jamiedbennett commented Oct 1, 2018

Going through most of the documentation again that would be applicable to a new starter and would like to fix minor issues as I go.
username: JamieBennett

@dhood

This comment has been minimized.

Copy link
Contributor

dhood commented Oct 1, 2018

@marshallmassengill

This comment has been minimized.

Copy link

marshallmassengill commented Oct 3, 2018

Please add: MarshallMassengill

@Tobias-Fischer

This comment has been minimized.

Copy link

Tobias-Fischer commented Oct 4, 2018

Please add: TobiasFischer

@pl-kabaradjian

This comment has been minimized.

Copy link

pl-kabaradjian commented Oct 4, 2018

@erikbeall added

@pl-kabaradjian not sure what the underlying issue is; I found your username in the whitelist already. Simple thing that I've tried is to remove it and add it again... could you let me know if anything has changed for you?

(reminder to others that you can unsubscribe from this issue to not receive notifications anymore)

Hello @dhood , I quickly checked again and I still can't edit any page, on top of pages I have:

Note: Hi there, Pierre-LouisKabaradjian! In an effort to combat spam, we require that users be added to a whitelist to gain edit permissions. To gain edit permissions for yourself, please comment on this GitHub ticket with your wiki UserName, 'Pierre-LouisKabaradjian', to be added to the whitelist. Thanks for your patience and support.

Could this come from the hyphen in my username ?

@marcusvinicius178

This comment has been minimized.

Copy link

marcusvinicius178 commented Oct 4, 2018

Hello, I am mechanical engineering student from Brazil, I would like the access of roswiki page. I desire to contribute and learn with the community.
Thanks

@marcusvinicius178

This comment has been minimized.

Copy link

marcusvinicius178 commented Oct 4, 2018

Hello, I am mechanical engineering student from Brazil, I would like the access of roswiki page. I desire to contribute and learn with the community.
username in roswiki.org = Marcus Vinícius Leal de Carvalho
username in rosanswer.org = marcusvini178

Thanks

@HannesBachter

This comment has been minimized.

Copy link

HannesBachter commented Oct 4, 2018

Hi, I would like to get access to edit the roswiki page:
wiki username: HannesBachter

@Roboterbastler

This comment has been minimized.

Copy link

Roboterbastler commented Oct 5, 2018

Please add: JacobSeibert

@vincentberenz

This comment has been minimized.

Copy link

vincentberenz commented Oct 5, 2018

Please add: VincentBerenz

@fabiocapasso93

This comment has been minimized.

Copy link

fabiocapasso93 commented Oct 6, 2018

Please add: FabioCapasso

@3vikramkumar

This comment has been minimized.

Copy link

3vikramkumar commented Oct 7, 2018

Hi, please whitelist roswiki username: trivikram
Thanks.

@FalconWarriorr

This comment has been minimized.

Copy link

FalconWarriorr commented Oct 8, 2018

Please add: NiallMullane

@wjwwood

This comment has been minimized.

Copy link
Contributor

wjwwood commented Oct 8, 2018

For everyone, I suggest unsubscribing from this issue once you've been added.


@marshallmassengill @Tobias-Fischer added


@pl-kabaradjian

Could this come from the hyphen in my username ?

Maybe, I can try adding a new user name if you want to create on without the hyphen.


@marcusvinicius178 @HannesBachter @Roboterbastler @vincentberenz @fabiocapasso93 @3vikramkumar @FalconWarriorr added

@siyang66

This comment has been minimized.

Copy link

siyang66 commented Oct 9, 2018

150412

@pl-kabaradjian

This comment has been minimized.

Copy link

pl-kabaradjian commented Oct 9, 2018

@pl-kabaradjian

Could this come from the hyphen in my username ?

Maybe, I can try adding a new user name if you want to create on without the hyphen.

@wjwwood Ok, I created a new username : PierreLouisKabaradjian
We'll see if the problem goes away.
Thx

@dizz

This comment has been minimized.

Copy link

dizz commented Oct 9, 2018

Please add: dizz

@tfoote

This comment has been minimized.

Copy link
Member

tfoote commented Oct 11, 2018

@dizz @siyang66 added
@pl-kabaradjian updated w/o hyphen

@pl-kabaradjian

This comment has been minimized.

Copy link

pl-kabaradjian commented Oct 11, 2018

@pl-kabaradjian updated w/o hyphen

I can now edit! Thanks a lot @tfoote, @dhood , @wjwwood for your time!
If the hyphen was really the cause, it might be nice to check the username for it. Otherwise there might be some regex parsing of the whitelist that is a bit too restrictive.

@cottsay

This comment has been minimized.

Copy link
Member

cottsay commented Oct 16, 2018

Please add: ScottLogan

@diogoalmeida

This comment has been minimized.

Copy link

diogoalmeida commented Oct 17, 2018

Please add: DiogoAlmeida

@lennarthaller

This comment has been minimized.

Copy link

lennarthaller commented Oct 17, 2018

Please add LennartHaller

@tfoote

This comment has been minimized.

Copy link
Member

tfoote commented Oct 17, 2018

@lennarthaller @diogoalmeida @cottsay added

Since we have reached 2500 comments we cannot comment here anymore. If you're looking to get access to the ROS wiki please comment instead on #258 now.

@tfoote tfoote closed this Oct 17, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.